[PATCH 3/3] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process);

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Oleg Nesterov <oleg@...>

To: Andrew Morton <akpm@...>

Cc: Roland McGrath <roland@...>, Thomas Gleixner <tglx@...>, <linux-kernel@...>

Subject: [PATCH 3/3] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process);

Date: Saturday, May 17, 2008 - 11:14 am

release_posix_timer() can't be called with ->it_process != NULL. Once
sys_timer_create() sets ->it_process it must not call release_posix_timer(),
otherwise we can race with another thread doing sys_timer_delete(), this timer
is visible to idr_find() and unlocked.

The same is true for two other callers (actually, for any possible caller),
sys_timer_delete() and itimer_delete(). They must clear ->it_process before
unlock_timer() + release_posix_timer().

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Roland McGrath <roland@redhat.com>

--- 25/kernel/posix-timers.c~3_RPT_NO_CHECK	2008-05-17 16:31:26.000000000 +0400
+++ 25/kernel/posix-timers.c	2008-05-17 16:38:07.000000000 +0400
@@ -450,9 +450,6 @@ static void release_posix_timer(struct k
 		spin_unlock_irqrestore(&idr_lock, flags);
 	}
 	sigqueue_free(tmr->sigq);
-	if (unlikely(tmr->it_process) &&
-	    tmr->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID))
-		put_task_struct(tmr->it_process);
 	kmem_cache_free(posix_timers_cache, tmr);
 }
 

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 3/3] posix timers: release_posix_timer: kill the bogu..., Oleg Nesterov, (Sat May 17, 11:14 am)

Navigation

Mail archive search

Popular discussions


linux-kernel:
Linus Torvalds	Linux 2.6.27-rc8
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Linus Torvalds	Linux 2.6.27
Rafael J. Wysocki	[Bug #10714] powerpc: Badness seen on 2.6.26-rc2 with lockdep enabled
git:
Peter Stahlir	Git as a filesystem
skimo	[PATCH 02/15] git-config: add --remote option for reading config from remote repo
Aaron Bentley	Re: VCS comparison table
Carlos Rica	Re: If you would write git from scratch now, what would you change?
linux-fsdevel:
Pavel Machek	Re: [PATCH] [Request for inclusion] Filesystem in Userspace
Arjan van de Ven	Re: GFS, what's remaining
Badari Pulavarty	Bufferheads & page-cache reference
Suparna Bhattacharya	Reviewing ext3 improvement patches (delalloc, mballoc, extents)
openbsd-misc:
Richard Stallman	Real men don't attack straw men
Kevin	uvm_mapent_alloc: out of static map entries on 4.3 i386
Brandon Lee	DELL PERC 5iR slow performance
Todd Pytel	IDE or SCSI virtual disks for VMWare image?

Latest forum posts


usb mic not detected	3 hours ago	Applications and Utilities
Problem in Inserting a module	3 hours ago	Linux kernel
Treason Uncloaked	9 hours ago	Linux kernel
Shared swap partition	20 hours ago	Linux general
high memory	2 days ago	Linux kernel
semaphore access speed	2 days ago	Applications and Utilities
the kernel how to power off the machine	2 days ago	Linux kernel
Easter Eggs in windows XP	2 days ago	Windows
Root password	2 days ago	Linux general
Where/when DNOTIFY is used?	3 days ago	Linux kernel

Show all forums...

Recent Tags

Linus Torvalds bugs -rc8 2.6.27 2.6.27-rc8 quote Linux -rc Intel

more tags

Colocation donated by:

Online users

Syndicate